In 1987, an unknown assailant broke into a Florida woman's home in the middle of the night. He robbed her and raped her at knife point. Semen from the crime scene was matched to DNA samples taken from Tommie Lee Andrews, a serial rapist, and the case became the first instance of DNA use for a criminal conviction in the United States. At that time, no state had a DNA database.

Soon thereafter, states began establishing DNA databases for violent offenders, primarily and in some cases exclusively focused on narrowly targeting convicted sex offenders; Virginia became the first such state in 1989 and all 50 states had created such databases within ten years. In 1994, Congress passed the DNA Identification Act, authorizing the FBI to establish a national DNA database: the Combined DNA Index System, or CODIS. CODIS was originally used for only this class of convicted offender.

Today, as of March 2014, the United States has the largest DNA database in the world, with 10.7 million offender profiles and 1.8 million arrestee profiles.1

This massive growth can be attributed to the ever expanding classes of individuals and "at risk" subgroups whose DNA state legislatures and the Federal government have authorized law enforcement to collect and store, including felony and many misdemeanor convictions, parolees and felony arrestees. Some states have gone even further. For example, New York's creation of an "all crimes" database last year, including individuals convicted of minor crimes such as speeding, is expected to add up to 25,000 more new profiles a year.

In recent years, though, the greatest increase in the rate of profiles entering U.S. DNA databases can be attributable to more and more states collecting DNA upon arrest. Today a majority of states (twenty-eight) now collect DNA upon arrest and many more have already introduced legislation in response to the U.S. Supreme Court's 5-4 decision in Maryland v King that found, at least in most instances, DNA collection upon arrest to be constitutional. This, despite the fact that DNA is not (and cannot) actually be used to verify identity upon arrest, laying bare the true purpose of its collection to be investigative.

Because only a fraction of those who are arrested are ultimately charged and convicted, however, this practice necessarily permits the government to collect DNA from innocent people. If you think as a law abiding citizen this has nothing to do with you, think again. In a pending California case, Haskell v. Harris, a suit was filed on behalf of Lily Haskell and three other plaintiffs who were forced to turn over DNA samples to police after being arrested at a peace rally in San Francisco. Although she was released without any charges, her DNA profile is now stored on CODIS. A recent ruling by the 9th Circuit Court of Appeals supported this practice in light of the Supreme Court ruling in King; though civil liberties advocates are returning to the lower courts to continue to fight the decision. For now, though, the practice remains intact and even applies to victims of domestic violence who are arrested after defending themselves, people wrongfully arrested due to police misconduct, someone who has written a bad check, and people arrested during political demonstrations.

Moreover, bigger databases and expanded collection practices necessarily increase the chance that innocent people will have their DNA taken, used and stored by the state purely because of false matches and error, which can occur by chance or through poor laboratory/police practice. Across the country, forensic DNA labs have had problems with cross-contamination of samples, mislabeling, misinterpretation of samples and in some cases outright fraud. For instance, an analyst for the New York City medical officer's office was caught faking the results of control samples. The consequences can be severe. Consider the case of Steven Myer, an Ohio man who was indicted for burglary based solely on DNA evidence. He spent seven months in jail before being released after subsequent retesting proved it was not his DNA sample. That the government would obtain DNA from any innocent person is disturbing, but the practice visits a special and severe harm upon minorities. Members of minority groups are arrested in disproportionate numbers, and a disproportionate percentage of innocent arrestees are likely to be minorities.

DNA can be an effective tool to help law enforcement convict the guilty and exonerate the innocent, but that clear benefit has yet to be balanced, from both a policy and legal standpoint, with the ever intrusive nature of obtaining and storing so many DNA samples and the resulting profiles. Indeed, the balancing can be particularly difficult because we have so little data as to just how effective DNA collection by law enforcement actually is in convicting criminals. The FBI has never allowed CODIS to be studied by independent experts. Moreover, states and the Federal government - shockingly - do not track convictions based upon DNA, but rather matches between DNA profiles on the database. These can be matches between a newly loaded DNA profile from an individual and the database of stored crime scene DNA profiles, or between a newly loaded crime scene DNA profile and the stored DNA profiles of individuals. Of course, matches are not convictions. As DNA databases get larger, many matches can occur between a crime scene DNA profile and people who were at the scene but did not commit the crime, including passers-by, family members and victims of the crime. The frequency of matches can, then, necessarily be high, and it's these "compelling" numbers that are most often used to promote greater and greater database expansions and collection practices without the legitimate statistical support they should require.

We do have better statistics from countries that have already gone down this road. The United Kingdom has dialled back their DNA database practices after public outcry and a condemning decision from the European Court of Human Rights. What the U.K. discovered is that as its database ballooned in size there was no statistical increase in the number of crimes detected using DNA, because most people are unlikely to commit serious crimes for which DNA evidence might be relevant.

What we do know is that the collection of DNA samples raises profound and far-reaching privacy concerns. DNA is a particularly robust form of personal information that can reveal not only identity, but highly personal health information, ancestry, and paternity. And our understanding of and uses for genetic information are only going to multiply as genetic research continues.

Arguments that compare DNA to fingerprints seemingly ignore two crucial truths. Firstly, the thirteen noncoding loci the government uses to create a "profile" in CODIS perform significant genetic functions and will likely provide information beyond identification as they are understood better. The European Court of Human Rights, in finding against the U.K.'s expansion of its database practices found that DNA profiles could be used to distinguish ethnicity, as well as determine family members.2

Secondly, every government entity that maintains a DNA database maintains not only the profiles created from the DNA but also stores the actual biological samples themselves - indefinitely. This requirement is explicitly laid out in FBI regulations and the laws of thirty-seven states (the remaining states do not require retention of samples but do not prohibit it either).3 Indeed, while the focus is often on DNA profiles, there is very little law and regulation of how such biological samples are to be handled and stored. Even for individuals whose DNA was collected upon arrest and who were later acquitted, DNA profiles and samples are often retained since most expungement procedures are complicated and costly. More than twenty years ago, the National Academy of Sciences recommended against this practice and just last year the Presidential Commission for the Study of Bioethical Issues affirmed it when they found:

The best way to minimize privacy risks is to minimize the amount of sensitive information the government collects and retains in the first place. Destroying DNA samples after analyses would reduce the risks to individuals' genetic privacy without compromising law enforcement's capabilities.4

DNA databases in the U.S. have already expanded beyond law enforcement use. Seventeen states allow the use of DNA for non-law enforcement purposes including population statistical databases and seven states allow such databases to be used for research purposes.5 The ability to combine CODIS data with other publicly available data is likely to grow. And it's not hard to imagine, as we develop more and more private and public databases of genetic information, that law enforcement won't try to access them.

We are not only building bigger and bigger databases, but expanding collection practices as well. Police are now using DNA dragnets, where DNA is taken from a selected population without individualized suspicion or of individuals who happen to live near a crime scene or who happen to match a certain physical profile. Some police departments are operating their own "off grid" DNA databases with little oversight and police and prosecutors in some cities and counties (such as Orange County, CA) are taking DNA "voluntarily" from individuals arrested for petty crimes in exchange for dropping charges against them.

Familial searching, a deliberate search of a DNA database conducted for the intended purpose of potentially identifying close biological relatives to the unknown forensic profile obtained from crime scene evidence, is becoming more widespread. Such searches virtually guarantee that DNA databases will create suspects out of innocent people, and because of the composition of DNA databases, those innocent suspects will disproportionately be people of color. Crime scene DNA has also been used to predict physical characteristics, such as certain shades of hair color, and to draw broad conclusions about genetic ancestry. Concerns have been raised about these predictions being used for crude profiling, potentially racially tinged, which have led Germany and several U.S. states to bar their use by police. Even so, new research on "molecular photofitting" (producing a crude image of a suspect's face from DNA left at the crime scene) suggests that such reconstructions may soon be possible, giving police another investigative tool that could result in wrongful arrests and unjustified searches.

We are at a critical juncture in the United States, as law and policy are rapidly allowing law enforcement greater access to Americans' DNA with limited public discussion and debate. Continued expansion of the power of law enforcement to collect and store DNA must be guided by a transparent debate that balances legitimate public safety concerns with human rights and privacy interests and that is honest about the value of forensic DNA, recognizing the limited benefits of expansion beyond likely re-offenders.

Jeremy Gruber, JD, is President of the Council for Responsible Genetics.

4. See DNA Technology in Forensic Science, Comm. On DNA Tech. in Forensic Sci. of the Nat’l Acad. Of Sci. 122 (1992) and Privacy and Progress in Whole Genome Sequencing, Pres. Comm’n for the study of Bioethical Issues (Oct. 2012).